26 Mar
2014
26 Mar
'14
3:04 p.m.
a) mandate use of CUI (preferrably, but I >cannot somehow recall how a third party could check whether >particular IdP provides CUI on their terminating RADIUS server(s), or
The service provider SP requests a CUI during the authentication. If the IdP doesn't provide one with the access accept then they don't provide CUI whilst there are many many sites that have solutions that can't do CUI it is not feasible to make it mandatory. For other technology like moonshot, since the only solutions out there *can* do CUI it is possible to make it mandatory. alan -- Sent from my Android device with K-9 Mail. Please excuse my brevity.